The FTC has rules about deceptive advertising. But they don’t apply to the government.

Conservatives often argue that the federal government should function more like a private business. Obamacare supporters should be grateful it does not, because otherwise HealthCare.gov would almost certainly run afoul of the Federal Trade Commission (FTC), as well as of the recently established Consumer Financial Protection Bureau (CFPB).

Orson Swindle, who served as an FTC commissioner from 1997 to 2005, says there are a number of practices that, if HealthCare.gov were a private entity, would result in its being “taken to the shed and horsewhipped” by government regulators.

President Obama’s oft-repeated falsehood, “If you like your plan, you can keep your plan” — something the administration knew was untrue — would almost certainly be a textbook case of deceptive advertising, punishable under Section 5 of the Federal Trade Commission Act, which prohibits “unfair or deceptive acts or practice in or affecting commerce.” This includes a “representation, omission or practice that is likely to mislead the consumer,” such that the consumer would be “likely to have chosen differently but for the deception.”

Other examples of potentially deceptive practices include the apparently deliberate decision to withhold information from HealthCare.gov visitors as to the actual prices of the policies offered via the exchanges. In fact, users aren’t told how much those policies will cost until after they have created an account, which requires giving a slew of personal and financial information.

Additionally, a recent CBS News investigation found that HealthCare.gov contains a pricing feature that tends to “dramatically underestimate” the cost of insurance. The website’s “shop and browse” feature divides users into two broad age categories: “49 or under” and “50 or older.” Price estimates for the first age group are based on what a 27-year-old could expect to pay, whereas as the latter group’s price estimates are based on what a 50-year-old would pay, a practice that inevitably produces wildly misleading results for individuals significantly older than the base age. In some cases, actual premiums are nearly double the projected amount. In the words of one industry expert, the feature is “incredibly misleading for people that are trying to get a sense of what they’re paying.”

The FTC requires companies to provide essentially every possible form of information about a given product up front, prior to the point of purchase. Private companies engaged in HealthCare.gov’s kind of behavior would face severe consequences, Swindle tells National Review Online. “Businessmen would lose their businesses, salesmen would lose their licenses — that’s the kind of thing we are talking about here,” he says. “The bottom line is that no private entity would be allowed to get away with what the Obama administration is trying to get away with.”

Perhaps the most significant grievance the FTC, the CFPB, and, potentially, the Department of Justice (DOJ) would have with a private corporation following HealthCare.gov’s practices would be its apparent disregard for the security of sensitive personal information shared by users. The website, which has been targeted by a series of attempted cyber attacks, initially contained a serious flaw that left user accounts and personal information vulnerable to hackers.

Representative Mike Rogers (R., Mich.) gave Health and Human Services Secretary Kathleen Sebelius a dressing down at a congressional hearing two weeks ago, noting that HealthCare.gov was operating with a “completely unacceptable level of security” and that the administration had known this yet had directed people to the site anyway without warning.

According to an internal memo at the Centers for Medicare and Medicaid Services (CMS), the administration had “only partly completed” a full assessment of the website’s security features ahead of the October 1 launch of the exchanges. The potential lack of security was determined to be “a risk that must be accepted” in order to meet that deadline.

“You accepted a risk on behalf of every user of this [website] that put their personal financial information at risk,” Rogers told Sebelius, “because you did not even have the most basic end-to-end test on security of this system. Amazon would never do this; ProFlowers would never do this; Kayak would never do this.”

One reason they wouldn’t is that, if any of these companies had done this, they would almost certainly have faced serious legal action under Section 5 of the FTC Act, which prohibits endangering consumers by “failing to maintain security for sensitive consumer information.” The FTC has pursued such action on 32 occasions since May 2011. “When companies tell consumers they will safeguard their personal information,” the commission notes on its website, “the FTC can and does take law enforcement action to make sure that companies live up to these promises.” Swindle suggests that a violation like that of HealthCare.gov could even warrant a referral to the DOJ for criminal charges.

Heather R. Higgins, president and CEO of Independent Women’s Voice, and founder of the Repeal Coalition, recently wrote on National Review Online that the GOP’s anti-Obamacare strategy should include demanding “that the standards that apply in the private sector to protect consumers against fraud, including bait-and-switch and determinations of liability, will apply to the government’s efforts as well.”

The federal government isn’t typically held to such standards; in fact, it’s somewhat frightening the extent to which it is able get away with behavior that would be unlawful in almost any other circumstance.